At a time when Internet privacy is always in the news you'd expect companies to take the hint. Growing concern over serious data breaches and rising identity theft show that online privacy is more important than ever. According to data obtained under a recent Freedom of Information (FoI) request by digicoms vendor ViaSat, the Information Commissioner's Office (ICO) - the UK regulator - issued 20 monetary penalties in 2012-2013 totalling £2.6 million. Between March 2012 and March 2013, there were 1,150 self-reported breaches made to the ICO, despite only 730 being made between 22 March 2011 and 17 February 2012.
Chris McIntosh, chief executive of ViaSat UK, said it's pleasing to see the ICO make good on its promise to use both the “carrot and the stick” when enforcing the Data Protection Act.
But it's not just about having a policy in place. You've also got to practice what you preach. Over the next few months the ICO intends to examine 250 UK-based websites to assess how easy their privacy policies are to read and how clearly they explain how personal data is processed.
As Ian Williams, Lead International Policy Officer at the UK Information Commissioner's Office explains:
"Privacy policies might not sound like the most interesting topic for such a study, but they’re crucial in making sure consumers know how their personal information is being used.
Too often we find organisations using the notices to protect themselves rather than inform the public, and there’s no excuse for this," Mr Williams said
Internet privacy - get your policy right first time
- Avoid confusing mixtures of ‘tick here to opt-ins’ and ‘tick here to opt-out’, and don’t pre-tick consent boxes.
- Show your web users the difference between information they need to provide to get the goods or services they have requested, and information which is optional.
- Review your privacy notice from time to time to make sure it is accurate, up to date and accessible to everyone.
- Read the Information Commissioner's guidance Privacy Notices Code of Practice (pdf) for more detailed advice about collecting and using personal information.
Need further help?